Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Flaws in self-encrypting SSDs let attackers bypass disk encryption

05 Nov 2018   #1

64-bit Windows 10 Pro
Flaws in self-encrypting SSDs let attackers bypass disk encryption

Researchers at Radboud University in the Netherlands have revealed today vulnerabilities in some solid-state drives (SSDs) that allow an attacker to bypass the disk encryption feature and access the local data without knowing the user-chosen disk encryption password.

The vulnerabilities only affect SSD models that support hardware-based encryption, where the disk encryption operations are carried out via a local built-in chip, separate from the main CPU.

Such devices are also known as self-encrypting drives (SEDs) and have become popular in recent years after software-level full disk encryption was proven vulnerable to attacks where intruders would steal the encryption password from the computer's RAM.

But in a new academic paper published today, two Radboud researchers, Carlo Meijer and Bernard van Gastel, say they've identified vulnerabilities in the firmware of SEDs.

These vulnerabilities affect "ATA security" and "TCG Opal," two specifications for the implementation of hardware-based encryption on SEDs.

The two say that the SEDs they've analyzed, allowed users to set a password that decrypted their data, but also came with support for a so-called "master password" that was set by the SED vendor...

Read more: Flaws in self-encrypting SSDs let attackers bypass disk encryption | ZDNet

My System SpecsSystem Spec
05 Nov 2018   #2
F22 Simpilot

Windows 7 Ultimate x64

Unreal. Never trust propitiatory encryption.
My System SpecsSystem Spec
05 Nov 2018   #3

Windows 7 Pro & Ultimate, Windows 8.1 Pro, Linux Mint 19 Cinnamon (All 64-Bit)

I'm wondering when this was discovered? I use 2 Samsung EVO 850s, and a Crucial MX300.

The article states "Both SSD vendors whose products they've tested --Crucial (Micron) and Samsung-- have released firmware updates to address the reported flaws."

I don't recall either of them having firmware updates for the last few months. I think it's been at least 6 months since the EVOs had firmware updates.
My System SpecsSystem Spec


 Flaws in self-encrypting SSDs let attackers bypass disk encryption

Thread Tools

Similar help and support threads
Thread Forum
bypass login screen w/o password or recovery disk
My hp pavilion dv4 how can I bypass Windows startup login password screen Or how can I reset administrator. Password w/o disk and how can I use command prompts when can't get pass login screen
General Discussion
encryption & dynamic disk
I have Home premium windows 7 and I don't think I can do encryption or dynamic disk? I have Vista Ultimate which I can do but don't think I can with premium windows 7 but don't know?
General Discussion

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 09:02.
Twitter Facebook Google+